Privacy Policy

Privacy Policy

Last modified 09.04.2018 2018

We at LAERDAL collectively referred to as “LAERDAL”, “we”, “us”, “our”) take your privacy seriously. This Privacy Statement describes how we collect, store, use and disclose information that identifies you as an individual when you interact with us or use any of the following:

Any website maintained by LAERDAL (referred to as “Website” or “Websites”) or

Any LAERDAL product, service, application or programme including any trial (collectively referred to as “Services”)

This Privacy Statement is issued on behalf of the Laerdal group of companies so when we mention LAERDAL we are referring to the relevant company in the LAERDAL group of companies responsible for processing your data. LAERDAL MEDICAL AS is the controller responsible for this Website.

It is important that you read this Privacy Statement together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we use your data. This Privacy Statement supplements the other notices and is not intended to override them.

This Website is not intended for children (i.e. persons under 16 years of age) and we do not knowingly collect data relating to children through this Website.

WHEN WE COLLECT PERSONAL INFORMATION

We collect information about you if you:

use this Website;

enquire about or purchase our Services (either in your own capacity, or as a representative for your employer); or

use one of our Services (either for your own professional purposes (e.g. as a private doctor), or during the course of your employment for an organisation (such as a hospital or other service provider or other organisation) which utilises our Services, or where you participate in a training programme or receive medical treatment from a provider using our Serivces) or

When you apply to us online for a job. (Please note that this Privacy Statement only describes our handling of your information during the recruitment period only and does not apply after you become employed by us (if successful). This Privacy Statement does not apply to Laerdal employees in the context of their employment.

TYPES OF INFORMATION COLLECTED

The personal information we collect depends on the context of your interaction with LAERDAL and can include:-

Identity data including first and last name, user name, title

Contact data including email address, postal address (billing or delivery), employer or organisation details, phone number and other similar contact data

Profile data including user name and credentials such as passwords, password hints and other similar information for authentication and account access, purchases or orders made by you, feedback and survey responses

Usage data including information about how you use our Websites or Services

Demographic data such as location, country and preferred language

Payment data necessary to process your payment if you make purchases such as your credit card or other bank card number

Transaction data such as details about payments to and from you and other details of products or services you have bought from us

Technical Data including internet protocol (IP) addresses, login data, browser type and version, time zone and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Websites or Services

Marketing and communication data including your preferences in receiving marketing from us and our third parties and your communication preferences

(if relevant) employer’s name, hire date, department and job title; details of any training or performance records and levels of competence obtained through your use of the Services and details of your access to and use of the Services.

We may aggregate or otherwise de-identify your personal information, so that we can use it for our own statistical, analytical or benchmarking purposes. We do this in order to better understand how users interact with our website, or to understand and evaluate how our products are used, so that we can make evidence based improvements to them. The de-identified information that we use for these purposes will not directly or indirectly reveal your identity.

Information you give us:

When you use the Websites or contact us in any way: You may give us information about yourself by filling in forms on our Websites or by corresponding with us by phone, email or otherwise. This includes information you provide when you submit documentation to us, register to use our Websites, enquire about or purchase our Services, subscribe to our Services, interact with our personnel, report a problem on our Websites or when you provide feedback. If you contact us through the Websites, we will keep a record of our correspondence.

When you use the Services: We receive and store information that you directly provide to us through your use of Services including any personal information that you provide to us when you register for the first time as a user of our Services.

IMPORTANT NOTE: Many Services are intended for use by our customer organisations and are in those cases, administered to you by your organisation. We collect and process our customers’ information on their instructions and in accordance with our agreements with them. Your use of the Services may be subject to your organisation’s policies, if any. If you use any Services under direction from an organisation you have a connection with (such as an employer or a school), that organisation will (1) control and administer your use of the Services and (2) access and process your personal information. If your organisation administers your use of the Services, please direct your privacy enquiries to your organisation. Your organisation is the data controller of your personal information for such purposes, and we are the data processor. LAERDAL is not responsible for the privacy or security practices of its customers and these may differ from those set out in this Privacy Statement.

Information we automatically collect about you:

When you use the Websites or the Services: We may automatically collect technical information including the Internet Protocol (IP) address used to connect your computer to the internet and your login information, browser type and version, time zone setting as well as information about your visit including pages visited. We will also collect information about your visit including the full Uniform Resource Locators (URL), clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information and any phone number used to call our customer service number.

COOKIES: You understand and agree that, when you visit certain pages of our Website or use our Services, our servers may send "cookies". Cookies are small pieces of text sent to your computer's hard drive through your web browser. Such electronic personal information is sent to us automatically. If you do not wish to accept cookies in respect of your use of the Services, you should stop using the Services, or turn off your cookies using your Internet browser settings, but please be aware that some of the functionality of the Websites or Services and associated services may not work if your browser does not accept cookies. For Information about the cookies we use, please see our cookie policy.

Information we receive from third parties. We also obtain personal information from third parties according to the practices described in this Statement together with any additional restrictions imposed by the source of the data. These third-party sources include:

Customer organisations (please refer to the IMPORTANT NOTE above).

Service providers that help us to determine a location based on your IP address or assist us with technical, payment and delivery services

Partners with which we offer co-branded Services or engage in joint marketing activities such as the American Heart Association, British Heart Foundation and others.

HOW YOUR PERSONAL INFORMATION IS USED

We will use the information we collect via our Websites and Services to:

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity

(b) Contact

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing and Communications

(f) Technical

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our Website or Services, marketing, customer relationships and experiences. As stated above, we take steps to de-identify this information prior to processing, but to the extent that it technically contains any personal data for the purposes of data protection law, we have established the appropriate legal basis set out here.

(a) Technical

(b) Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about Services that may be of interest to you

To assess your skills, qualifications and suitability for any job that you may seek with us and to communicate with you during the recruitment process and keep records of our hiring process

(Please note that this Privacy Statement only describes our handling of your information during the recruitment period only and ceases to apply after you become employed by us (if successful). This Privacy Statement does not apply to Laerdal employees in the context of their employment.

(a) Identity

(b) Contact

(c) Academic and professional skills

(d) Employment history

(e) gender, title, date of birth

(f) any other information you choose to provide us in an online job application

Necessary for our legitimate interests in deciding whether to hire you and also necessary for our legitimate interest in contacting you

Generally we do not rely on consent as a legal basis for processing your personal information. In some circumstances, we may rely upon consent as a basis to send direct marketing communications to you via email or text message, where we are required to do so by law. However, in other cases we will lawfully rely on our legitimate interest in being able to inform you about relevant Services, in a way which is not overly intrusive. Regardless of our legal basis for marketing, you have the right to prevent marketing at any time by contacting us at privacy@laerdal.com or by using the unsubscribe links contained in our emails. If you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent. Separately, your employer may collect consents from you for their own purposes as a data controller (see the following box).

Where you use the Services at the request of your employer, and we provide Services to your employer, we collect, use and share your personal information for the above purposes at the request of, and in accordance with the directions of your employer. Your employer is the data controller of your personal information for such purposes, and we are the data processor. Your employer has personal information protection policies and processes that may differ from the privacy notice you are currently reading and we recommend that you read such policies before accessing or using the Services.

If you have yourself individually subscribed to the Services, we collect, use and share your personal information for the above purposes for and on your behalf and we are the data processor of your personal information for such purposes.

We will not sell your personal information or share it with third parties for use in advertising or marketing of their products or services.

HOW WE SHARE YOUR INFORMATION

Where you use the Services at the request of your employer, and we provide services to your employer, we share your personal information with your employer for certain purposes as data processor of your employer - see "HOW YOUR PERSONAL INFORMATION IS USED" above.

We use third-party service providers (for example, Microsoft Azure) to store and process your personal information. Where our Service is one that is being provided in conjunction with one of our partners, such as the American Heart Association, we will share personal information with that partner for the purpose of issuing certificates of competence endorsed by that partner. Our partners are required by us to provide substantially the same level of security and protection to your personal information as we ourselves are obliged to under this Privacy Statement.

We may share your personal information with our payment processing service providers in connection with the payment processing services that they perform for us in connection with processing your purchase of the Services. They are not authorized by us to use the information for their benefit.

Our service providers have to follow our express instructions when processing personal information you provide and they must comply with appropriate retention and security measures to protect such personal information and we do not allow them to use this information for their own purposes.

We may also share your personal information in response to a request by government or regulatory authorities, law enforcement or an order of the courts; to a potential acquirer of our business; and as permitted by applicable laws and regulations.

Links to other websites. The Websites contain links and interactive features with various social media platforms, such as Facebook, YouTube and Twitter. If you give information to these platforms then your information will be registered on these platforms and will be available to anyone who uses the platforms. If you already use these platforms, their cookies may be set on your device when using our Websites and they may already have certain information about you which they may combine with information collected on our Websites. These features may enable integration and/or access to your social media accounts. We do not control those social media services, your profiles on those services, modify your privacy settings on those services or establish rules about how your information on those services will be used. You and the social media service providers are in control of those issues. You are encouraged to read all policies and information on the applicable social media services to learn more about how they handle your information before using any such features made available to you on the Websites. We are not responsible for any acts or omissions by any social media service provider or your use of features that come from their features or platform.

INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION

LAERDAL has operations around the world, and we also have partners and service providers who operate in a variety of countries. As such, your personal information may be moved to, disclosed to or stored by us in countries other than your own country, where the data protection and privacy laws may be different to those in your country. One way in which this may occur is where your personal information is stored in a controlled access repository in the cloud. “In the cloud” refers to servers in a data center that are managed by a third party and accessible through the Internet, and that data center may be in a country other than your own. However we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Statement. These include implementing an intra-group agreement based on the European Commission’s Standard Contractual Clauses for transfer of personal information between our group companies as well as supplementary data protection obligations relevant to the country of export in the case of export of personal information from Australia, Canada, Malaysia, Mexico, Poland or Singapore. These also include implementing appropriate data processing agreements with third parties, where relevant. You acknowledge and agree to this transfer, storing and/or processing outside of your country.

RETENTION OF YOUR PERSONAL INFORMATION

In the limited circumstances where we are the data controller of your personal information (see "How Your Personal Information Is Used" above for further details), we maintain your personal information only for as long as is it is necessary. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements. In specific circumstances we may also store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings

Where your employer or another organisation is the data controller of your personal information, please refer to their personal information protection policies and processes for information about the relevant retention period(s).

DATA INTEGRITY AND SECURITY

We are committed to the privacy and confidentiality of the personal information in our control or possession (as the case may be). We are obliged to have appropriate physical, electronic and managerial protection measures in place to prevent unauthorized access, erasure, loss, use, processing or disclosure of your personal information, and we take reasonable steps to do so. We will continue to review and update our security measures where appropriate, as new technology becomes available.

Unfortunately, transmission of information via the Internet is not completely secure. Although we use reasonable measures to protect your personal information, we cannot guarantee the security of your personal information.

YOUR RIGHTS

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information:

To access personal information

To correct / erase personal information

To restrict the processing of your personal information

To transfer your personal information

To object to the processing of personal information

To object to how we use your personal information for direct marketing purposes

To obtain a copy of personal information safeguards used for transfers outside your jurisdiction

To lodge a complaint with your local supervisory authority or in the case of Australian residents, the right to complain about our processing of your personal information.

Importantly, in situations where we act as a data processor (for example, where we collect personal information from you through the use of our Services, as more fully described throughout this Privacy Statement) you should exercise your rights against the relevant data controller (for example, your employer, where your employer is the customer organisation which has purchased our Services).

How to contact us:

You may contact us in a number of ways listed below in connection with your personal information.

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

If you wish to opt out of marketing communication we send you at any time you can either do this by clicking on the form above or by clicking on the “unsubscribe” link in the marketing emails that we send to you or by contacting us directly at Privacy@Laerdal.com.

If you have any questions about this Privacy Statement including any requests to access, correct or delete the personal information we hold about you or to complain about our handling of your personal information, you can also contact our data protection manager using the details set out below:

With regard to personal information of Australian residents only, please call us on 1800-331-565 or email us at privacy@laerdal.com.au if you have any questions about this Privacy Statement, our management of your information or if you would like a copy of this Statement sent to you.

Additional information for German residents

Data Protection Officer for the Federal Republic of Germany

With regard personal information of German citizens only, please note that we have appointed Marc Fuchs of Datev DE as our German data protection officer for all matters arising in respect of our German entities. If you have any questions about this Privacy Statement with regard to the personal information of German citizens then please contact Mr Fuchs. His contact details are as follows:-

With regard to personal information of USA or Canada residents only, please be aware of the following:

Interest Based Advertising

We may work with third parties to deliver targeted advertising to you when you visit our Websites. We may use Cookies and similar technologies in this process. For example, if you search for information on a particular Laerdal product, we may cause an advertisement for such a product to appear on other websites that you view. This form of advertising (also known as Interest Based Advertising) is based on non-personal information which does not specifically identify you. As a result, third parties may be aware of your interests but cannot personally identify you in connection with the delivery of that specific advertisement. We believe such advertising is helpful because you will see advertisements that are relevant to your interests and activities. However if you can opt out of targeted advertising from certain providers at www.aboutads.info/consumers. This process relies on an opt out cookie so if you delete your cookies or use a different computer you will have to repeat this process. Please note that by opting out, you will continue to see advertising online but it may not be tailored to your specific interests and activities.

We comply with the Self Regulatory Principles for Online Behavioral Advertising set forth by the Digitial Advertising Alliance.

Opt out for USA residents:

In addition to the methods mentioned in 1 and 2 above, you can also subscribe and unsubscribe from Laerdal marketing communications at

Your request may be accepted or denied on the basis of any applicable laws and where your employer is the data controller of personal information requested we may redirect your request to your employer.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. We will update this Privacy Statement when necessary. All updates will be posted on the Websites. When we post such updates, we will revise the “last updated” date at the top of the statement. We encourage you to periodically review this Privacy Statement to learn how LAERDAL is protecting your information.